Friday, February 10, 2012

If you're using HTTPS protocol in your web projects on Java, and storing some login data linked to the session ID, you've probably faced a problem with forwarding this session ID through Apache Web Server to Tomcat in cases when you need to use same session in different HTTPS calls.
Using HttpServletRequest's sessionId might not help, because Apache will overwrite it. All you need is to copy a Cookie named "JSESSIONID" from the original request, and pass it to your HTTPS calls. This will solve the problem if this Cookie presents in original HttpServletRequest: